Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Bermuda: PrivCom publishes guidance note on harms caused from misused personal information
The Bermuda Office of the Privacy Commissioner ('PrivCom') published, on 7 September 2021, a guidance note describing the risks and potential harms to individuals that organisations and privacy officers should consider when processing personal information. In particular, the guidance note underscores that under Section 13 of the Personal Information Protection Act ('PIPA') organisations must consider the risk of harm to an individual when they are assessing what security safeguards are needed when they suffer a breach. Additionally, the guidance note states that PIPA's provisions contain flexibility to allow organisations to approach the aforementioned issues in a variety of ways. Furthermore, the guidance note provides a non-exhaustive list of privacy harms for organisations to consider if personal information of individuals gets lost, used in an unauthorised way, or otherwise misused including:
- physical harm;
- economic harm;
- reputational harm;
- relationship harm;
- discrimination harm;
- data quality harm;
- lack of informed choice harm; and
- loss of autonomy harm.
You can read the guidance note here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
